AVG-2508 log
| Package | libjxl |
| Status | Fixed |
| Severity | Medium |
| Type | multiple issues |
| Affected | 0.6-1 |
| Fixed | 0.6.1-1 |
| Current | 0.11.1-5 [extra] |
| Ticket | None |
| Created | Mon Nov 1 14:36:39 2021 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2021-22564 | Medium | Yes | Arbitrary code execution | In libxjl before version 0.6.1, for certain valid JPEG XL images with a size slightly larger than an integer number of groups (256x256 pixels) when... |
| CVE-2021-22563 | Medium | Yes | Information disclosure | Invalid JPEG XL images using libjxl before version 0.6.1 can cause an out of bounds access on a std::vector<std::vector<T>> when rendering splines. The OOB... |